Privacy Policy
Last updated: March 9, 2026
1. Who We Are
PalletZero is a product of Pantoll Ventures LLC. When we say “we,” “us,” or “our,” we mean Pantoll Ventures LLC operating the PalletZero service.
2. Data We Collect
We collect the minimum data necessary to provide the service:
- Account data: Email address and authentication credentials (managed by Supabase Auth).
- Shipment data: Packing slip images you upload, extracted text data (PO numbers, line items, quantities), and EDI 856 documents generated from that data.
- Usage data: Basic request logs for security and debugging. We do not use third-party analytics trackers.
- Billing data: Payment information is processed and stored by Stripe. We do not store credit card numbers.
- SMS data: If you use our SMS/MMS feature, your phone number and message content (packing slip photos) are processed via Twilio.
3. How We Use Your Data
- To process packing slip images and extract shipment data using Google Gemini AI.
- To generate and transmit EDI 856 ASN documents to SPS Commerce on your behalf.
- To manage your account and billing through Stripe.
- To respond to your support requests.
We do not sell your data. We do not use your shipment data for advertising. We do not share your data with third parties except the service providers listed below.
4. Third-Party Services
We use the following services to operate PalletZero:
- Supabase — Database, authentication, and row-level security.
- Google Gemini AI — OCR processing of packing slip images.
- SPS Commerce — EDI 856 ASN transmission to trading partners.
- Stripe — Payment processing and subscription management.
- Twilio — SMS/MMS messaging for packing slip photo intake.
- Vercel — Application hosting.
Each service has its own privacy policy. We encourage you to review them.
5. Data Security & Tenant Isolation
All data is transmitted over HTTPS. Authentication uses Supabase Auth with session-based tokens. Dashboard access is gated by middleware. API routes validate authentication on every request. Image URLs are validated against an allowlist to prevent SSRF attacks. Webhook endpoints verify signatures before processing.
Multi-tenant data isolation: PalletZero enforces strict per-organization data boundaries at multiple levels:
- Row-Level Security (RLS): Supabase PostgreSQL policies ensure that database queries only return rows belonging to the authenticated user's organization. This is enforced at the database layer — application code cannot bypass these policies.
- Organization-scoped queries: All dashboard data fetches include an org_id filter. Shipments, EDI documents, and audit logs are scoped to the user's organization.
- Middleware auth gating: All /dashboard routes require a valid Supabase session. Unauthenticated requests are redirected to login.
- No cross-tenant data access: There is no administrative endpoint or API that returns data across organizations. Each tenant's packing slip images, extracted data, and EDI 856 documents are fully isolated.
- Image pipeline isolation: Packing slip images processed via Gemini AI are fetched only from SSRF-allowlisted sources (Twilio, Supabase Storage) and are not cached or shared between tenants.
6. Data Retention
Your shipment data is retained in your Supabase database for as long as your account is active. If you cancel your account, you may request deletion of all your data by emailing us. We will delete your data within 30 days of a verified request.
7. Your Rights
You have the right to access, export, correct, or delete your data at any time. Contact us at privacy@pantollventures.com.
8. Contact
For privacy-related questions, email privacy@pantollventures.com.